urlscan.io logo urlscan.io
SecurityTrails logo

www.frontlinefund.ca Open in urlscan Pro
52.233.26.83  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.frontlinefund.ca/
Submission: On June 04 via automatic, source links-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 35 IPs in 5 countries across 28 domains to perform 124 HTTP transactions. The main IP is 52.233.26.83, located in Toronto, Canada and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.frontlinefund.ca.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 27th 2021. Valid for: a year.
This is the only time www.frontlinefund.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
32 52.233.26.83 8075 (MICROSOFT...)
2 3 143.204.98.19 16509 (AMAZON-02)
1 1 2.18.233.201 16625 (AKAMAI-AS)
2 2606:4700::68... 13335 (CLOUDFLAR...)
17 76.74.206.165 13768 (COGECO-PEER1)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a04:4e42:1b:... 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
3 142.250.184.226 15169 (GOOGLE)
1 3 142.250.186.38 15169 (GOOGLE)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
4 2a03:2880:f02... 32934 (FACEBOOK)
2 52.222.149.126 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
3 3 2620:119:50e1... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
2 108.174.10.14 14413 (LINKEDIN)
1 2a00:1450:400... 15169 (GOOGLE)
1 5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f12... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:3::621 54113 (FASTLY)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2.18.234.190 16625 (AKAMAI-AS)
1 151.101.129.21 54113 (FASTLY)
2 64.202.112.127 23352 (SERVERCEN...)
1 151.101.129.35 54113 (FASTLY)
4 35.186.226.184 15169 (GOOGLE)
124 35
32    52.233.26.83 (Toronto, Canada)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.frontlinefund.ca
3    143.204.98.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-19.fra50.r.cloudfront.net
c212.net
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
2    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
17    76.74.206.165 (Toronto, Canada)

ASN13768 (COGECO-PEER1, CA)
www.canadahelps.org
1    2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    2a04:4e42:1b::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
3    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
12    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
www.youtube.com
3    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
www.googleadservices.com
3    142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net
5627812.fls.doubleclick.net
2    2a02:26f0:6c00:2b0::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
4    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    52.222.149.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-149-126.cdg52.r.cloudfront.net
sc-static.net
4    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2620:119:50e1:101::6cae:b25 (United States)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
2    108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com
px4.ads.linkedin.com
1    2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:828::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a04:4e42:3::621 (United States)

ASN54113 (FASTLY, US)
cdn.polyfill.io
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com
amplify.outbrain.com
1    151.101.129.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
2    64.202.112.127 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
tr.outbrain.com
1    151.101.129.35 (United States)

ASN54113 (FASTLY, US)
t.paypal.com
4    35.186.226.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com
tr.snapchat.com
Domain Requested by
32 www.frontlinefund.ca www.frontlinefund.ca
17 www.canadahelps.org www.frontlinefund.ca
www.canadahelps.org
9 www.youtube.com www.frontlinefund.ca
www.youtube.com
5 www.google.com 1 redirects www.frontlinefund.ca
www.youtube.com
www.canadahelps.org
4 tr.snapchat.com www.canadahelps.org
4 www.facebook.com www.frontlinefund.ca
www.canadahelps.org
4 fonts.gstatic.com www.youtube.com
fonts.googleapis.com
4 connect.facebook.net www.frontlinefund.ca
connect.facebook.net
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
www.canadahelps.org
3 fonts.googleapis.com www.canadahelps.org
3 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
www.youtube.com
3 www.google.de www.frontlinefund.ca
5627812.fls.doubleclick.net
3 px.ads.linkedin.com 3 redirects
3 5627812.fls.doubleclick.net 1 redirects www.googletagmanager.com
adservice.google.com
3 www.googleadservices.com www.googletagmanager.com
5627812.fls.doubleclick.net
www.googleadservices.com
3 www.googletagmanager.com www.frontlinefund.ca
www.canadahelps.org
3 c212.net 2 redirects www.frontlinefund.ca
2 tr.outbrain.com amplify.outbrain.com
www.canadahelps.org
2 px4.ads.linkedin.com www.frontlinefund.ca
www.canadahelps.org
2 sc-static.net www.frontlinefund.ca
2 snap.licdn.com www.googletagmanager.com
www.frontlinefund.ca
2 stackpath.bootstrapcdn.com www.frontlinefund.ca
1 t.paypal.com www.canadahelps.org
1 www.paypal.com www.canadahelps.org
1 amplify.outbrain.com www.frontlinefund.ca
1 cdn.polyfill.io www.canadahelps.org
1 www.gstatic.com www.youtube.com
1 adservice.google.de 1 redirects
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 adservice.google.com 5627812.fls.doubleclick.net
1 static.doubleclick.net www.youtube.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.linkedin.com 1 redirects
1 cdn.jsdelivr.net www.frontlinefund.ca
1 code.jquery.com www.frontlinefund.ca
1 pixel.mathtag.com 1 redirects
124 38

This site contains links to these domains. Also see Links.

Domain
lignedefront.ca
indd.adobe.com
facebook.com
twitter.com
www.sickkidsfoundation.com
Subject Issuer Validity Valid
frontlinefund.ca
Go Daddy Secure Certificate Authority - G2		 2021-04-27 -
2022-05-29		 a year crt.sh
*.c212.net
DigiCert SHA2 High Assurance Server CA		 2019-11-19 -
2022-01-05		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-01 -
2022-02-28		 a year crt.sh
canadahelps.org
DigiCert SHA2 Extended Validation Server CA		 2020-06-18 -
2021-06-23		 a year crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA		 2020-10-06 -
2021-10-16		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-30 -
2022-06-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-05-10 -
2021-08-02		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2021-04-30 -
2022-05-11		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-05-26 -
2021-08-24		 3 months crt.sh
sc-static.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-11 -
2022-02-15		 a year crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-04-15 -
2021-10-15		 6 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-10 -
2021-08-02		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-05-18 -
2022-03-26		 10 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-04-12 -
2021-10-12		 6 months crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2021-05-25 -
2022-06-01		 a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2021-04-16 -
2022-03-15		 a year crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2020-11-17 -
2021-11-21		 a year crt.sh
tr.snapchat.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-19 -
2022-01-23		 a year crt.sh

This page contains 10 frames:

Primary Page: https://www.frontlinefund.ca/
Frame ID: 4C850DD05D9A028EAEA8712B99F24A14
Requests: 55 HTTP requests in this frame

Frame: https://www.youtube.com/embed/3YY_UaQ_z7c
Frame ID: D6EA4E76E547A711AD4386592A554EB1
Requests: 17 HTTP requests in this frame

Frame: https://5627812.fls.doubleclick.net/activityi;dc_pre=CLHXlJy9_vACFQyVUQod-f0Ijg;src=5627812;type=front0;cat=thefr0;ord=5838343371395;gtm=2wg621;auiddc=2125467048.1622826877;~oref=https%3A%2F%2Fwww.frontlinefund.ca%2F
Frame ID: 1BEBF294651D6C7DC59D0BE044267A8A
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CLHXlJy9_vACFQyVUQod-f0Ijg;src=5627812;type=front0;cat=thefr0;ord=5838343371395;gtm=2wg621;auiddc=2125467048.1622826877;~oref=https%3A%2F%2Fwww.frontlinefund.ca%2F
Frame ID: 7411CD756B51FCD72E0663EB5AE24568
Requests: 1 HTTP requests in this frame

Frame: https://www.canadahelps.org/en/dne/48326
Frame ID: E53AF6E3C8CB2CAF5D9A77ADC62593AF
Requests: 44 HTTP requests in this frame

Frame: https://5627812.fls.doubleclick.net/ddm/fls/r/dc_pre=CLHXlJy9_vACFQyVUQod-f0Ijg;src=5627812;type=front0;cat=thefr0;ord=5838343371395;gtm=2wg621;auiddc=2125467048.1622826877;~oref=https%3A%2F%2Fwww.frontlinefund.ca%2F
Frame ID: C71F4B81D71898D2133E3B65F8AE8C43
Requests: 4 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=1da237a8-8122-4c02-9fcf-0aa6fde57222
Frame ID: 7C22A03F35B5FD9782B64F47B441EE37
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: F4198EFD32A0A674457C9F46061687CF
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=1da237a8-8122-4c02-9fcf-0aa6fde57222
Frame ID: F13E1AF4E18E5F044D94BDD275A179C8
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 9D15EB015A5F51AE67EDBD10685C146A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

124
Requests

100 %
HTTPS

66 %
IPv6

28
Domains

38
Subdomains

35
IPs

5
Countries

3171 kB
Transfer

9221 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://c212.net/c/etag/?clientId=y3q9pMjP&pixel=1&dmp=1&e1=1 HTTP 302
  • https://pixel.mathtag.com/sync/img?redir=https%3A%2F%2Fc212.net%2Fc%2Fsync%3Fu%3DL2MvaW1nLzF4MS5naWY%2Fc2V0PTE%3D%26c%3DUS%26dmpId%3D1%26pid%3D%5BMM_UUID%5D HTTP 302
  • https://c212.net/c/sync?u=L2MvaW1nLzF4MS5naWY/c2V0PTE=&c=US&dmpId=1&pid=391f60ba-5f7c-4400-9545-c2b089fc4eeb HTTP 302
  • https://c212.net/c/img/1x1.gif?set=1
Request Chain 41
  • https://5627812.fls.doubleclick.net/activityi;src=5627812;type=front0;cat=thefr0;ord=5838343371395;gtm=2wg621;auiddc=2125467048.1622826877;~oref=https%3A%2F%2Fwww.frontlinefund.ca%2F HTTP 302
  • https://5627812.fls.doubleclick.net/activityi;dc_pre=CLHXlJy9_vACFQyVUQod-f0Ijg;src=5627812;type=front0;cat=thefr0;ord=5838343371395;gtm=2wg621;auiddc=2125467048.1622826877;~oref=https%3A%2F%2Fwww.frontlinefund.ca%2F
Request Chain 51
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1622826876725&url=https%3A%2F%2Fwww.frontlinefund.ca%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2274266%26time%3D1622826876725%26url%3Dhttps%253A%252F%252Fwww.frontlinefund.ca%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1622826876725&url=https%3A%2F%2Fwww.frontlinefund.ca%2F&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1622826876725&url=https%3A%2F%2Fwww.frontlinefund.ca%2F&liSync=true&e_ipv6=AQKXjq9oK4UQoQAAAXnYBQT1br1cuY4SYM5jPAQ4_VR6GAq5sMBnu9-Hc5RGEc-2-dyXNRZW
Request Chain 70
  • https://adservice.google.de/ddm/fls/i/dc_pre=CLHXlJy9_vACFQyVUQod-f0Ijg;src=5627812;type=front0;cat=thefr0;ord=5838343371395;gtm=2wg621;auiddc=2125467048.1622826877;~oref=https%3A%2F%2Fwww.frontlinefund.ca%2F HTTP 302
  • https://5627812.fls.doubleclick.net/ddm/fls/r/dc_pre=CLHXlJy9_vACFQyVUQod-f0Ijg;src=5627812;type=front0;cat=thefr0;ord=5838343371395;gtm=2wg621;auiddc=2125467048.1622826877;~oref=https%3A%2F%2Fwww.frontlinefund.ca%2F
Request Chain 87
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/870836950/?random=661086671&cv=9&fst=1622826877738&num=1&npa=1&label=fedBCJLcjM4BENbVn58D&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F5627812.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCLHXlJy9_vACFQyVUQod-f0Ijg%3Bsrc%3D5627812%3Btype%3Dfront0%3Bcat%3Dthefr0%3Bord%3D5838343371395%3Bgtm%3D2wg621%3Bauiddc%3D2125467048.1622826877%3B~oref%3Dhttps%253A%252F%252Fwww.frontlinefund.ca%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=fV-6YOmhN6eWx_AP3MeO6AY&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/870836950/?random=661086671&cv=9&fst=1622826877738&num=1&npa=1&label=fedBCJLcjM4BENbVn58D&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F5627812.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCLHXlJy9_vACFQyVUQod-f0Ijg%3Bsrc%3D5627812%3Btype%3Dfront0%3Bcat%3Dthefr0%3Bord%3D5838343371395%3Bgtm%3D2wg621%3Bauiddc%3D2125467048.1622826877%3B~oref%3Dhttps%253A%252F%252Fwww.frontlinefund.ca%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=fV-6YOmhN6eWx_AP3MeO6AY&random=2069127646&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/870836950/?random=661086671&cv=9&fst=1622826877738&num=1&npa=1&label=fedBCJLcjM4BENbVn58D&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F5627812.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCLHXlJy9_vACFQyVUQod-f0Ijg%3Bsrc%3D5627812%3Btype%3Dfront0%3Bcat%3Dthefr0%3Bord%3D5838343371395%3Bgtm%3D2wg621%3Bauiddc%3D2125467048.1622826877%3B~oref%3Dhttps%253A%252F%252Fwww.frontlinefund.ca%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=fV-6YOmhN6eWx_AP3MeO6AY&random=2069127646&resp=GooglemKTybQhCsO&ipr=y
Request Chain 103
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=68665&time=1622826879535&url=https%3A%2F%2Fwww.frontlinefund.ca%2F HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=68665&time=1622826879535&url=https%3A%2F%2Fwww.frontlinefund.ca%2F&e_ipv6=AQJVxApr1B_RXAAAAXnYBQqXv7Oiqn3deuwMNvyD1t7KkNj_Ul8s8JOdhpqqdTG2AFrzEAhM

124 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.frontlinefund.ca/ 		27 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.26.83 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d147b7ac38e532c32f3d0386a4e0027e602decd1351d6e2bb2af36432107617b

Request headers

:method
GET
:authority
www.frontlinefund.ca
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html
content-encoding
gzip
last-modified
Fri, 26 Feb 2021 21:12:03 GMT
accept-ranges
bytes
etag
"801365784cd71:0"
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
date
Fri, 04 Jun 2021 17:14:35 GMT
content-length
7639
1x1.gif
c212.net/c/img/
Redirect Chain
  • https://c212.net/c/etag/?clientId=y3q9pMjP&pixel=1&dmp=1&e1=1
  • https://pixel.mathtag.com/sync/img?redir=https%3A%2F%2Fc212.net%2Fc%2Fsync%3Fu%3DL2MvaW1nLzF4MS5naWY%2Fc2V0PTE%3D%26c%3DUS%26dmpId%3D1%26pid%3D%5BMM_UUID%5D
  • https://c212.net/c/sync?u=L2MvaW1nLzF4MS5naWY/c2V0PTE=&c=US&dmpId=1&pid=391f60ba-5f7c-4400-9545-c2b089fc4eeb
  • https://c212.net/c/img/1x1.gif?set=1
49 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c212.net/c/img/1x1.gif?set=1
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-19.fra50.r.cloudfront.net
Software
Jetty(9.4.31.v20200723) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:37 GMT
via
1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified
Fri, 22 Jan 2021 20:10:50 GMT
server
Jetty(9.4.31.v20200723)
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
content-type
image/gif
server-timing
intid;desc=87cf8fe8baff0c81
accept-ranges
bytes
content-length
49
x-amz-cf-id
BrIvlv8N3NtwoleJ_-TcWh5JJ2SHTN6mQavDvjTF0CLCwkaFyEQlkA==

Redirect headers

date
Fri, 04 Jun 2021 17:14:37 GMT
via
1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server
Jetty(9.4.31.v20200723)
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
location
/c/img/1x1.gif?set=1
server-timing
intid;desc=789f9c837dc26bdf
content-length
0
x-amz-cf-id
xcYX_horIrt_fDlpbP4PVr6zW2mX4SG1Fq9UH7Px5ixJj7ip3iPT5Q==
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/ 		156 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://www.frontlinefund.ca
Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
129568
cdn-cachedat
2021-06-03 06:03:08
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a799e15a600004e2bf2359000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:09 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
ed2c34ad7def894ac17c400a40e33c30
cf-ray
65a2cc690d144e2b-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
custom.css
www.frontlinefund.ca/css/ 		17 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.frontlinefund.ca/css/custom.css
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.26.83 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ab0b6c92a1400e55ec1ff1e6d6dbe189db353c1ed363033709b59c78524b8caa

Request headers

:path
/css/custom.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.frontlinefund.ca
referer
https://www.frontlinefund.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
last-modified
Fri, 26 Feb 2021 21:12:02 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"c9271b784cd71:0"
content-type
text/css
accept-ranges
bytes
content-length
17318
banner-logo.gif
www.frontlinefund.ca/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frontlinefund.ca/images/banner-logo.gif
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.26.83 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c46677833614dc8c76eb0ce4bc5b7b05b814d6be4c3395a10be1d9d09fa14d46

Request headers

:path
/images/banner-logo.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.frontlinefund.ca
referer
https://www.frontlinefund.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
last-modified
Fri, 26 Feb 2021 21:12:03 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"bf8179784cd71:0"
content-type
image/gif
accept-ranges
bytes
content-length
13671
banner-photo.jpg
www.frontlinefund.ca/images/ 		113 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frontlinefund.ca/images/banner-photo.jpg
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.26.83 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6393a3eab589e876b83ec0ac910dbdb104f9bba599b79c6b860f910f9944a9ce

Request headers

:path
/images/banner-photo.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.frontlinefund.ca
referer
https://www.frontlinefund.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
last-modified
Fri, 26 Feb 2021 21:12:03 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"dd977f784cd71:0"
content-type
image/jpeg
accept-ranges
bytes
content-length
116193
banner-photo-m.jpg
www.frontlinefund.ca/images/ 		115 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frontlinefund.ca/images/banner-photo-m.jpg
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.26.83 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3e602a4de26c3837529b6897f9b749d60becd673f815b7ea1a798fc73fe342ce

Request headers

:path
/images/banner-photo-m.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.frontlinefund.ca
referer
https://www.frontlinefund.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
last-modified
Fri, 26 Feb 2021 21:12:03 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"9cda7c784cd71:0"
content-type
image/jpeg
accept-ranges
bytes
content-length
118257
supplies.png
www.frontlinefund.ca/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frontlinefund.ca/images/supplies.png
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.26.83 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
612ab44dc4c3112888ac8765b621b398f88f949c498b275bf120148a501dd2a7

Request headers

:path
/images/supplies.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.frontlinefund.ca
referer
https://www.frontlinefund.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
last-modified
Fri, 26 Feb 2021 21:12:03 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"eac9c784cd71:0"
content-type
image/png
accept-ranges
bytes
content-length
13701
supports.png
www.frontlinefund.ca/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frontlinefund.ca/images/supports.png
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.26.83 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7f6779cb948f3faa7f299b0e8ed3a5c0d5d810e516ca7da2762625ee99505c96

Request headers

:path
/images/supports.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.frontlinefund.ca
referer
https://www.frontlinefund.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
last-modified
Fri, 26 Feb 2021 21:12:03 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"3a7c9e784cd71:0"
content-type
image/png
accept-ranges
bytes
content-length
13451
research.png
www.frontlinefund.ca/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frontlinefund.ca/images/research.png
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.26.83 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fe1545c3865cc4f2237f21331494c7f2bc60a8ceaf161d72c5ba489b8345b342

Request headers

:path
/images/research.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.frontlinefund.ca
referer
https://www.frontlinefund.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
last-modified
Fri, 26 Feb 2021 21:12:03 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"6d9296784cd71:0"
content-type
image/png
accept-ranges
bytes
content-length
4867
cdf_embed.js
www.canadahelps.org/secure/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.canadahelps.org/secure/js/cdf_embed.js
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
76.74.206.165 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
nginx /
Resource Hash
b6c02d89ac8e14db6a1b44902b11505101d941da225147f040d2f4137d8ce383
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
content-encoding
gzip
last-modified
Mon, 05 Apr 2021 18:36:55 GMT
server
nginx
etag
W/"606b58c7-2657"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
strict-transport-security
max-age=15768000
expires
Sun, 04 Jul 2021 17:14:36 GMT
cma.png
www.frontlinefund.ca/images/logos/tier1/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frontlinefund.ca/images/logos/tier1/cma.png
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.26.83 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
854b6102c350816c67d38259f9c32016f00f9ecc4276f7d0d1b2d0279a381391

Request headers

:path
/images/logos/tier1/cma.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.frontlinefund.ca
referer
https://www.frontlinefund.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
last-modified
Fri, 26 Feb 2021 21:12:03 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"f5daad784cd71:0"
content-type
image/png
accept-ranges
bytes
content-length
12926
maple-leaf.png
www.frontlinefund.ca/images/logos/tier1/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frontlinefund.ca/images/logos/tier1/maple-leaf.png
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.26.83 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
aa0e735f9e536274c74712e293599e1081bd3968521ab0c67c00f7e7d145bbf6

Request headers

:path
/images/logos/tier1/maple-leaf.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.frontlinefund.ca
referer
https://www.frontlinefund.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
last-modified
Fri, 26 Feb 2021 21:12:03 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"494ab0784cd71:0"
content-type
image/png
accept-ranges
bytes
content-length
13941
td-en.png
www.frontlinefund.ca/images/logos/tier1/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frontlinefund.ca/images/logos/tier1/td-en.png
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.26.83 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7137a345b6bb4db468ab45955366815ef392979ebf31018f236019757e306f74

Request headers

:path
/images/logos/tier1/td-en.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.frontlinefund.ca
referer
https://www.frontlinefund.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
last-modified
Fri, 26 Feb 2021 21:12:03 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"9ae0b2784cd71:0"
content-type
image/png
accept-ranges
bytes
content-length
13069
alectra.png
www.frontlinefund.ca/images/logos/tier2/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frontlinefund.ca/images/logos/tier2/alectra.png
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.26.83 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
73025991d085d103280035e8fc2af958474075b4bebbc0d20d419f68dab51347

Request headers

:path
/images/logos/tier2/alectra.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.frontlinefund.ca
referer
https://www.frontlinefund.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
last-modified
Fri, 26 Feb 2021 21:12:03 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"db44c0784cd71:0"
content-type
image/png
accept-ranges
bytes
content-length
13065
canada-life.png
www.frontlinefund.ca/images/logos/tier2/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frontlinefund.ca/images/logos/tier2/canada-life.png
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.26.83 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
218c050ae1bcefb6b476029213fe1e9b29886d582b4d5eaec9d53452a1420ac5

Request headers

:path
/images/logos/tier2/canada-life.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.frontlinefund.ca
referer
https://www.frontlinefund.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
last-modified
Fri, 26 Feb 2021 21:12:03 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"2db4c2784cd71:0"
content-type
image/png
accept-ranges
bytes
content-length
16547
canadian-tire.png
www.frontlinefund.ca/images/logos/tier2/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frontlinefund.ca/images/logos/tier2/canadian-tire.png
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.26.83 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ccc9a4a97a2a6203e474b0333c1cedcdeab7c8f853e2298c6fa2e73921f39e24

Request headers

:path
/images/logos/tier2/canadian-tire.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.frontlinefund.ca
referer
https://www.frontlinefund.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
last-modified
Fri, 26 Feb 2021 21:12:03 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"54e6c5784cd71:0"
content-type
image/png
accept-ranges
bytes
content-length
25087
cp.png
www.frontlinefund.ca/images/logos/tier2/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frontlinefund.ca/images/logos/tier2/cp.png
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.26.83 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
59e85a2b721d58db3ba34854e0eb3ed40148ff4c1ea898630211d39dd80871ad

Request headers

:path
/images/logos/tier2/cp.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.frontlinefund.ca
referer
https://www.frontlinefund.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
last-modified
Fri, 26 Feb 2021 21:12:03 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8fcac8784cd71:0"
content-type
image/png
accept-ranges
bytes
content-length
2282
jewlr.png
www.frontlinefund.ca/images/logos/tier2/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frontlinefund.ca/images/logos/tier2/jewlr.png
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.26.83 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bb22dbf62bb04df39f13e65f7b2ecb8246c6836bf60e88583ca905d8b5ef3901

Request headers

:path
/images/logos/tier2/jewlr.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.frontlinefund.ca
referer
https://www.frontlinefund.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
last-modified
Fri, 26 Feb 2021 21:12:03 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"d239cb784cd71:0"
content-type
image/png
accept-ranges
bytes
content-length
5735
kruger-en.png
www.frontlinefund.ca/images/logos/tier2/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frontlinefund.ca/images/logos/tier2/kruger-en.png
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.26.83 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f7326697e340432e2276ba1403c2893c7abd9b1d34bd0028a94d2897f8dd0465

Request headers

:path
/images/logos/tier2/kruger-en.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.frontlinefund.ca
referer
https://www.frontlinefund.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
last-modified
Fri, 26 Feb 2021 21:12:03 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"1bd0cd784cd71:0"
content-type
image/png
accept-ranges
bytes
content-length
8795
pia.png
www.frontlinefund.ca/images/logos/tier2/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frontlinefund.ca/images/logos/tier2/pia.png
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.26.83 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
41ee4c2d3d7b5721f1d58fa04863c4ee2d1bdf39d3d6cd50e8be33af0342fee9

Request headers

:path
/images/logos/tier2/pia.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.frontlinefund.ca
referer
https://www.frontlinefund.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
last-modified
Fri, 26 Feb 2021 21:12:03 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"df60d2784cd71:0"
content-type
image/png
accept-ranges
bytes
content-length
11288
pwc.png
www.frontlinefund.ca/images/logos/tier2/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frontlinefund.ca/images/logos/tier2/pwc.png
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.26.83 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2f436874ed4fce63ea3643cce3ae94dac5471a32c5e536d458c5812ad4cfbfa0

Request headers

:path
/images/logos/tier2/pwc.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.frontlinefund.ca
referer
https://www.frontlinefund.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
last-modified
Fri, 26 Feb 2021 21:12:03 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"20d0d4784cd71:0"
content-type
image/png
accept-ranges
bytes
content-length
6002
rogers-en.png
www.frontlinefund.ca/images/logos/tier2/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frontlinefund.ca/images/logos/tier2/rogers-en.png
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.26.83 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
704955d709b626ec51e576b1053dae12fffeecafc212a2c6516c92d77c739fdb

Request headers

:path
/images/logos/tier2/rogers-en.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.frontlinefund.ca
referer
https://www.frontlinefund.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
last-modified
Fri, 26 Feb 2021 21:12:03 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"7e18d7784cd71:0"
content-type
image/png
accept-ranges
bytes
content-length
14252
roots.png
www.frontlinefund.ca/images/logos/tier2/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frontlinefund.ca/images/logos/tier2/roots.png
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.26.83 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b8523446732aebbe25cb0557b32a635459a6170f00836e53a4260930d98c23c6

Request headers

:path
/images/logos/tier2/roots.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.frontlinefund.ca
referer
https://www.frontlinefund.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
last-modified
Fri, 26 Feb 2021 21:12:03 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"28f7db784cd71:0"
content-type
image/png
accept-ranges
bytes
content-length
61724
RSM-en.png
www.frontlinefund.ca/images/logos/tier2/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frontlinefund.ca/images/logos/tier2/RSM-en.png
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.26.83 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8ca22f30bb503ec78da7b9ef0b8d711e8bef4f644af3122df28670d57b1a9b8b

Request headers

:path
/images/logos/tier2/RSM-en.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.frontlinefund.ca
referer
https://www.frontlinefund.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
last-modified
Fri, 26 Feb 2021 21:12:03 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"3a9b8784cd71:0"
content-type
image/png
accept-ranges
bytes
content-length
15424
swoop-en.png
www.frontlinefund.ca/images/logos/tier2/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frontlinefund.ca/images/logos/tier2/swoop-en.png
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.26.83 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ad5e91dad77d4d4200dbcebdd9203a2f5075380000c15a33d11852704fe226c9

Request headers

:path
/images/logos/tier2/swoop-en.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.frontlinefund.ca
referer
https://www.frontlinefund.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
last-modified
Fri, 26 Feb 2021 21:12:03 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8f3fde784cd71:0"
content-type
image/png
accept-ranges
bytes
content-length
7014
wajax.png
www.frontlinefund.ca/images/logos/tier2/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frontlinefund.ca/images/logos/tier2/wajax.png
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.26.83 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
93a9fe57526f6231ff60d3671166d778980797be55cb7c9727516b927d82b335

Request headers

:path
/images/logos/tier2/wajax.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.frontlinefund.ca
referer
https://www.frontlinefund.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
last-modified
Fri, 26 Feb 2021 21:12:03 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"aff1e4784cd71:0"
content-type
image/png
accept-ranges
bytes
content-length
6075
WPM.png
www.frontlinefund.ca/images/logos/tier2/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frontlinefund.ca/images/logos/tier2/WPM.png
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.26.83 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f656f99a84999415a417899779b5d671fb908124d7eabe8a3fc80c7e86182ae7

Request headers

:path
/images/logos/tier2/WPM.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.frontlinefund.ca
referer
https://www.frontlinefund.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
last-modified
Fri, 26 Feb 2021 21:12:03 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8fd5bd784cd71:0"
content-type
image/png
accept-ranges
bytes
content-length
7737
gradient.png
www.frontlinefund.ca/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frontlinefund.ca/images/gradient.png
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.26.83 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fb179525d5a7e7ca8d71f352ce3082386a9d89ce33a15d0400924b4ad950131c

Request headers

:path
/images/gradient.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.frontlinefund.ca
referer
https://www.frontlinefund.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
last-modified
Fri, 26 Feb 2021 21:12:03 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"e86591784cd71:0"
content-type
image/png
accept-ranges
bytes
content-length
6915
footer-logo.gif
www.frontlinefund.ca/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frontlinefund.ca/images/footer-logo.gif
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.26.83 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
efd66c35a3c10b6dab126fd7923c25c7cd5eda40903f7d70efd879cbebbcb182

Request headers

:path
/images/footer-logo.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.frontlinefund.ca
referer
https://www.frontlinefund.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
last-modified
Fri, 26 Feb 2021 21:12:03 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"45608c784cd71:0"
content-type
image/gif
accept-ranges
bytes
content-length
2993
footer-facebook.gif
www.frontlinefund.ca/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frontlinefund.ca/images/footer-facebook.gif
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.26.83 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e8703973d6dcebd71cb03d72f7e6145061aaaf6feefde1b91c867be16a507ba9

Request headers

:path
/images/footer-facebook.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.frontlinefund.ca
referer
https://www.frontlinefund.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
last-modified
Fri, 26 Feb 2021 21:12:03 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"fdc989784cd71:0"
content-type
image/gif
accept-ranges
bytes
content-length
1424
footer-twitter.gif
www.frontlinefund.ca/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frontlinefund.ca/images/footer-twitter.gif
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.26.83 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b004103ab9cc1116ccc6891509b74e8399dcfa32db5487ffbdc7955722b158f0

Request headers

:path
/images/footer-twitter.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.frontlinefund.ca
referer
https://www.frontlinefund.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
last-modified
Fri, 26 Feb 2021 21:12:03 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"9ccf8e784cd71:0"
content-type
image/gif
accept-ranges
bytes
content-length
1462
jquery-3.4.1.slim.min.js
code.jquery.com/ 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.slim.min.js
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f

Request headers

Origin
https://www.frontlinefund.ca
Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
content-encoding
gzip
last-modified
Wed, 01 May 2019 21:14:27 GMT
server
nginx
etag
W/"5cca0c33-1157d"
vary
Accept-Encoding
x-hw
1622826876.dop153.fr8.t,1622826876.cds250.fr8.hn,1622826876.cds260.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
24328
popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://www.frontlinefund.ca
Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
9915324
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
7510
etag
W/"5309-YvI45zNIx3656GVCan0bfeI8uy0"
x-served-by
cache-fra19146-FRA, cache-hhn4060-HHN
date
Fri, 04 Jun 2021 17:14:36 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/ 		59 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://www.frontlinefund.ca
Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
601, 617, 617
access-control-allow-origin
*
cdn-cachedat
2021-06-04 18:54:07
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a799e15a600004e2bf1bb8000000001
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:09 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
70e8bd27d0d9f8871b8f320ed6a510b0
cf-ray
65a2cc690d184e2b-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
gtm.js
www.googletagmanager.com/ 		504 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8abbe19db4dbc083cd5d06feb72f90559fedd569444e1ad0345a6770cf58fbe2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94782
x-xss-protection
0
last-modified
Fri, 04 Jun 2021 16:59:11 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 04 Jun 2021 17:14:36 GMT
3YY_UaQ_z7c
www.youtube.com/embed/ Frame D6EA 		52 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/3YY_UaQ_z7c
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
750626c18b86da5cf506a629d78656e2b3ac599f9742393e3ac562aabbb92303
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/3YY_UaQ_z7c
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.frontlinefund.ca/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.frontlinefund.ca/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 04 Jun 2021 17:14:36 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=D0RI1hzIhaU; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=E37BzLZXKhA; Domain=.youtube.com; Expires=Wed, 01-Dec-2021 17:14:36 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+042; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
NeueHaasUnicaPro-Regular.ttf
www.frontlinefund.ca/fonts/ 		118 KB
118 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.frontlinefund.ca/fonts/NeueHaasUnicaPro-Regular.ttf
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.26.83 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
33d15a5d6eefe7717fcb80376dc172e11c6814b2978fab9606d686941dd2e564

Request headers

:path
/fonts/NeueHaasUnicaPro-Regular.ttf
pragma
no-cache
origin
https://www.frontlinefund.ca
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.frontlinefund.ca
referer
https://www.frontlinefund.ca/css/custom.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.frontlinefund.ca
Referer
https://www.frontlinefund.ca/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
last-modified
Fri, 26 Feb 2021 21:12:03 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"1276d784cd71:0"
content-type
application/octet-stream
accept-ranges
bytes
content-length
120612
Druk-Medium.ttf
www.frontlinefund.ca/fonts/ 		84 KB
84 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.frontlinefund.ca/fonts/Druk-Medium.ttf
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.26.83 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
24e98b3259203f1711616f6d4799154822d403ecd518d6dfcf16c219158272fb

Request headers

:path
/fonts/Druk-Medium.ttf
pragma
no-cache
origin
https://www.frontlinefund.ca
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.frontlinefund.ca
referer
https://www.frontlinefund.ca/css/custom.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.frontlinefund.ca
Referer
https://www.frontlinefund.ca/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
last-modified
Fri, 26 Feb 2021 21:12:02 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"9c7b4a784cd71:0"
content-type
application/octet-stream
accept-ranges
bytes
content-length
86352
HaasGrotDispR-75Bold.ttf
www.frontlinefund.ca/fonts/ 		136 KB
136 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.frontlinefund.ca/fonts/HaasGrotDispR-75Bold.ttf
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/css/custom.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.26.83 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d6133f885bd79b414f76346c0b8c32842d06400095c1c8a3d7e36acd2cfabee4

Request headers

:path
/fonts/HaasGrotDispR-75Bold.ttf
pragma
no-cache
origin
https://www.frontlinefund.ca
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.frontlinefund.ca
referer
https://www.frontlinefund.ca/css/custom.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.frontlinefund.ca
Referer
https://www.frontlinefund.ca/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
last-modified
Fri, 26 Feb 2021 21:12:02 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"44285a784cd71:0"
content-type
application/octet-stream
accept-ranges
bytes
content-length
138852
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
193
date
Fri, 04 Jun 2021 17:11:23 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Fri, 04 Jun 2021 19:11:23 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
8eff2b654a02ba2efd6d909282fadb10634d6edb187a9d7818a55b000895bd37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13939
x-xss-protection
0
server
cafe
etag
4459216894538436887
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 04 Jun 2021 17:14:36 GMT
activityi;dc_pre=CLHXlJy9_vACFQyVUQod-f0Ijg;src=5627812;type=front0;cat=thefr0;ord=5838343371395;gtm=2wg621;auiddc=2125467048.1622826877;~oref=https%3A%2F%2Fwww.frontlinefund.ca%2F
5627812.fls.doubleclick.net/ Frame 1BEB
Redirect Chain
  • https://5627812.fls.doubleclick.net/activityi;src=5627812;type=front0;cat=thefr0;ord=5838343371395;gtm=2wg621;auiddc=2125467048.1622826877;~oref=https%3A%2F%2Fwww.frontlinefund.ca%2F?
  • https://5627812.fls.doubleclick.net/activityi;dc_pre=CLHXlJy9_vACFQyVUQod-f0Ijg;src=5627812;type=front0;cat=thefr0;ord=5838343371395;gtm=2wg621;auiddc=2125467048.1622826877;~oref=https%3A%2F%2Fwww....
485 B
412 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5627812.fls.doubleclick.net/activityi;dc_pre=CLHXlJy9_vACFQyVUQod-f0Ijg;src=5627812;type=front0;cat=thefr0;ord=5838343371395;gtm=2wg621;auiddc=2125467048.1622826877;~oref=https%3A%2F%2Fwww.frontlinefund.ca%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
6ff2aab34866c0add99f806f36b62b7c6c4b1d8c6bb3f6fa12deeb2f0023eeb4
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5627812.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CLHXlJy9_vACFQyVUQod-f0Ijg;src=5627812;type=front0;cat=thefr0;ord=5838343371395;gtm=2wg621;auiddc=2125467048.1622826877;~oref=https%3A%2F%2Fwww.frontlinefund.ca%2F?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.frontlinefund.ca/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
about:blank

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 04 Jun 2021 17:14:36 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
387
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 04-Jun-2021 17:29:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 04 Jun 2021 17:14:36 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5627812.fls.doubleclick.net/activityi;dc_pre=CLHXlJy9_vACFQyVUQod-f0Ijg;src=5627812;type=front0;cat=thefr0;ord=5838343371395;gtm=2wg621;auiddc=2125467048.1622826877;~oref=https%3A%2F%2Fwww.frontlinefund.ca%2F?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
insight.min.js
snap.licdn.com/li.lms-analytics/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b0::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 04 Jun 2021 17:14:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jan 2021 22:14:03 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=60132
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1855
fbevents.js
connect.facebook.net/en_US/ 		92 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3ba5369627fc324f2d2c47f44c8da30769d2a3ccbe8110b9bd5eec9585e42a09
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24155
x-fb-rlafr
0
pragma
public
x-fb-debug
suf0q7f15fc/jhzPJBk3bDHb5pKRBHs2FtOF9HZop0al3RStUGvjoDlE8vVanFeYzwL6fsse3fkHPJq2ugrkvg==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Fri, 04 Jun 2021 17:14:36 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
scevent.min.js
sc-static.net/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-126.cdg52.r.cloudfront.net
Software
CloudFront /
Resource Hash
023e64b862c4d75dd3390eda64f830ce73e3d8c689d30fff89dec507ccabb780

Request headers

Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
content-encoding
gzip
server
CloudFront
x-amz-cf-pop
CDG52-P1
x-cache
LambdaGeneratedResponse from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
5720
via
1.1 a6e02469f8cbbfee9635eadf6e97ee55.cloudfront.net (CloudFront)
x-amz-cf-id
adWm92BbmOZMfsl3tuC44MX87Esdwg04O2Uk3NzKBez0Zy31mEvTgA==
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=2038624833&t=pageview&_s=1&dl=https%3A%2F%2Fwww.frontlinefund.ca%2F&ul=en-us&de=UTF-8&dt=The%20Frontline%20Fund%20-%20help%20Canadian%20healthcare%20workers%20today&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1769212782&gjid=1848357117&cid=2135991839.1622826877&tid=UA-66351416-11&_gid=670932933.1622826877&_r=1&gtm=2wg621NJ4P25&z=1957907249
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Jun 2021 17:14:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.frontlinefund.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-player-webp.css
www.youtube.com/s/player/5d56cf74/ Frame D6EA 		357 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/5d56cf74/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/3YY_UaQ_z7c
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8e06c0ef58cf21fc5a2b2268a78ef904bad93b5170dd8c0757a649408ef1f6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/3YY_UaQ_z7c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 00:45:40 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 04 Jun 2021 00:03:57 GMT
server
sffe
age
59336
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46150
x-xss-protection
0
expires
Sat, 04 Jun 2022 00:45:40 GMT
www-embed-player.js
www.youtube.com/s/player/5d56cf74/www-embed-player.vflset/ Frame D6EA 		192 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/5d56cf74/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/3YY_UaQ_z7c
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2954a8f6c2621ad59a3e6c8d1c323dd11dce9a251a1141af2b83a12c2ef93a5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/3YY_UaQ_z7c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 00:48:00 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 04 Jun 2021 00:03:57 GMT
server
sffe
age
59196
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64943
x-xss-protection
0
expires
Sat, 04 Jun 2022 00:48:00 GMT
base.js
www.youtube.com/s/player/5d56cf74/player_ias.vflset/en_US/ Frame D6EA 		2 MB
467 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/5d56cf74/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/3YY_UaQ_z7c
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a08acac60de13bce023074ac58d4fa94f0cc3f4ad2ef72cd29913709ef60ab70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/3YY_UaQ_z7c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 00:45:54 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 04 Jun 2021 00:03:57 GMT
server
sffe
age
59322
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
478064
x-xss-protection
0
expires
Sat, 04 Jun 2022 00:45:54 GMT
fetch-polyfill.js
www.youtube.com/s/player/5d56cf74/fetch-polyfill.vflset/ Frame D6EA 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/5d56cf74/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/3YY_UaQ_z7c
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/3YY_UaQ_z7c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 00:48:00 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 04 Jun 2021 00:03:57 GMT
server
sffe
age
59196
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
expires
Sat, 04 Jun 2022 00:48:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D6EA 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/3YY_UaQ_z7c
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 05:13:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
302471
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Wed, 01 Jun 2022 05:13:25 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1622826876725&url=https%3A%2F%2Fwww.frontlinefund.ca%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2274266%26time%3D1622826876725%26url%3Dhttps%253A%252F%252Fwww.frontlinefund.ca%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1622826876725&url=https%3A%2F%2Fwww.frontlinefund.ca%2F&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1622826876725&url=https%3A%2F%2Fwww.frontlinefund.ca%2F&liSync=true&e_ipv6=AQKXjq9oK4UQoQAAAXnYBQT1br1cuY4SYM5jPAQ4_VR6GAq5sMBnu9-Hc...
0
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1622826876725&url=https%3A%2F%2Fwww.frontlinefund.ca%2F&liSync=true&e_ipv6=AQKXjq9oK4UQoQAAAXnYBQT1br1cuY4SYM5jPAQ4_VR6GAq5sMBnu9-Hc5RGEc-2-dyXNRZW
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-10-14.fwd.linkedin.com
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:38 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-edc2
content-type
application/javascript
content-length
0
x-li-uuid
TBPms3JwhRbgkkH8LisAAA==

Redirect headers

date
Fri, 04 Jun 2021 17:14:38 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1622826876725&url=https%3A%2F%2Fwww.frontlinefund.ca%2F&liSync=true&e_ipv6=AQKXjq9oK4UQoQAAAXnYBQT1br1cuY4SYM5jPAQ4_VR6GAq5sMBnu9-Hc5RGEc-2-dyXNRZW
x-li-proto
http/2
x-li-pop
prod-esv5
content-length
0
x-li-uuid
HMKolXJwhRYwSkV08ioAAA==
564578104264082
connect.facebook.net/signals/config/ 		254 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/564578104264082?v=2.9.40&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8b6c125260cbe9b425aff8c032e725e63a1358dbd1ec17fa885599cb46306c65
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
L6sHNM/rJEWvBdY2kwolab9aJb/tlCB9zK+G/xF0+txUlXtPiYa7qng5ePGgoS9PTzW4elfSSVZSxEf/88p8bA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 04 Jun 2021 17:14:36 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-66351416-11&cid=2135991839.1622826877&jid=1769212782&gjid=1848357117&_gid=670932933.1622826877&_u=YEBAAEAAAAAAAC~&z=469963319
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 04 Jun 2021 17:14:36 GMT
content-type
text/plain
access-control-allow-origin
https://www.frontlinefund.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-66351416-11&cid=2135991839.1622826877&jid=1769212782&_u=YEBAAEAAAAAAAC~&z=1685152812
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Jun 2021 17:14:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-66351416-11&cid=2135991839.1622826877&jid=1769212782&_u=YEBAAEAAAAAAAC~&z=1685152812
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Jun 2021 17:14:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/722705341/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/722705341/?random=1622826876858&cv=9&fst=1622826876858&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg621&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.frontlinefund.ca%2F&tiba=The%20Frontline%20Fund%20-%20help%20Canadian%20healthcare%20workers%20today&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f5b55275553cf48bf1ea7cceabb81458b3bda0ea31964457fa6954ba768e808
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Jun 2021 17:14:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1035
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
id
googleads.g.doubleclick.net/pagead/ Frame D6EA 		113 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5d56cf74/www-embed-player.vflset/www-embed-player.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78ea6f9a8b7128107ecc851f59d5d396223839b9a52487e311587b3367a9f13f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame D6EA 		29 B
407 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5d56cf74/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:07:40 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
417
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Fri, 04 Jun 2021 17:22:40 GMT
dc_pre=CLHXlJy9_vACFQyVUQod-f0Ijg;src=5627812;type=front0;cat=thefr0;ord=5838343371395;gtm=2wg621;auiddc=2125467048.1622826877;~oref=https%3A%2F%2Fwww.frontlinefund.ca%2F
adservice.google.com/ddm/fls/i/ Frame 7411 		484 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CLHXlJy9_vACFQyVUQod-f0Ijg;src=5627812;type=front0;cat=thefr0;ord=5838343371395;gtm=2wg621;auiddc=2125467048.1622826877;~oref=https%3A%2F%2Fwww.frontlinefund.ca%2F
Requested by
Host: 5627812.fls.doubleclick.net
URL: https://5627812.fls.doubleclick.net/activityi;dc_pre=CLHXlJy9_vACFQyVUQod-f0Ijg;src=5627812;type=front0;cat=thefr0;ord=5838343371395;gtm=2wg621;auiddc=2125467048.1622826877;~oref=https%3A%2F%2Fwww.frontlinefund.ca%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e47027ec3d0f9620de350dcf51611b55c4e259e816ae269060b5f4551094976
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.com
:scheme
https
:path
/ddm/fls/i/dc_pre=CLHXlJy9_vACFQyVUQod-f0Ijg;src=5627812;type=front0;cat=thefr0;ord=5838343371395;gtm=2wg621;auiddc=2125467048.1622826877;~oref=https%3A%2F%2Fwww.frontlinefund.ca%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5627812.fls.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://5627812.fls.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 04 Jun 2021 17:14:37 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
382
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=564578104264082&ev=PageView&dl=https%3A%2F%2Fwww.frontlinefund.ca%2F&rl=&if=false&ts=1622826877062&sw=1600&sh=1200&v=2.9.40&r=stable&ec=0&o=30&fbp=fb.1.1622826877058.2068705838&it=1622826876736&coo=false&exp=l1&rqm=GET
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:37 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 04 Jun 2021 17:14:37 GMT
remote.js
www.youtube.com/s/player/5d56cf74/player_ias.vflset/en_US/ Frame D6EA 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/5d56cf74/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5d56cf74/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a502280deb08defb508338bbd492164daa44279d91b3429516c6c4b057cc9ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/3YY_UaQ_z7c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 00:45:55 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 04 Jun 2021 00:03:57 GMT
server
sffe
age
59322
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30988
x-xss-protection
0
expires
Sat, 04 Jun 2022 00:45:55 GMT
VvmsTzWGVftI7Azjb33di7uWXEYUEpKbTF0QkBq2gQw.js
www.google.com/js/th/ Frame D6EA 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/VvmsTzWGVftI7Azjb33di7uWXEYUEpKbTF0QkBq2gQw.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5d56cf74/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56f9ac4f358655fb48ec0ce36f7ddd8bbb965c461412929b4c5d10901ab6810c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 18:14:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
169224
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13379
x-xss-protection
0
last-modified
Tue, 25 May 2021 09:00:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Jun 2022 18:14:13 GMT
embed.js
www.youtube.com/s/player/5d56cf74/player_ias.vflset/en_US/ Frame D6EA 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/5d56cf74/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5d56cf74/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0dbf074e5a42c443d21109f700704f372b565321f4d7128c9d320f3b503d066a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/3YY_UaQ_z7c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 00:50:54 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 04 Jun 2021 00:03:57 GMT
server
sffe
age
59023
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7459
x-xss-protection
0
expires
Sat, 04 Jun 2022 00:50:54 GMT
truncated
/ Frame D6EA 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AAUvwniZb4gBmMfgluqD6bnAdpGJqFPDBAXqVGYB0H9Glg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame D6EA 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AAUvwniZb4gBmMfgluqD6bnAdpGJqFPDBAXqVGYB0H9Glg=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/3YY_UaQ_z7c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e54b51cd550f1170c0c2e1b6fb69f3c9a52481caca083a0513482c9c4d3761c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 14:14:42 GMT
x-content-type-options
nosniff
age
10795
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3427
x-xss-protection
0
server
fife
etag
"vdb3"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 01 Jun 2021 22:34:31 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/3YY_UaQ_z7c/ Frame D6EA 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/3YY_UaQ_z7c/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/3YY_UaQ_z7c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c3a624f8bc598979d11c8fb35c2304a64bcb0ec9a2e97d139ef9ddf47a93f24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:37 GMT
x-content-type-options
nosniff
server
sffe
etag
"1607636014"
vary
Origin
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13912
x-xss-protection
0
expires
Fri, 04 Jun 2021 19:14:37 GMT
48326
www.canadahelps.org/en/dne/ Frame E53A 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.canadahelps.org/en/dne/48326
Requested by
Host: www.canadahelps.org
URL: https://www.canadahelps.org/secure/js/cdf_embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
76.74.206.165 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
ae521d3f07a9eaad3ee67dcaded7a2256d8fd917aac0e2597c11e0fe2f8a26cf
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

:method
GET
:authority
www.canadahelps.org
:scheme
https
:path
/en/dne/48326
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.frontlinefund.ca/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.frontlinefund.ca/

Response headers

server
nginx
date
Fri, 04 Jun 2021 17:14:36 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-trace-id
337fd611-cee4-4b1a-a61c-4b1e22e81eb5
x-powered-by
ASP.NET
strict-transport-security
max-age=15768000
content-encoding
gzip
/
www.google.com/pagead/1p-user-list/722705341/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/722705341/?random=1622826876858&cv=9&fst=1622826000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg621&sendb=1&frm=0&url=https%3A%2F%2Fwww.frontlinefund.ca%2F&tiba=The%20Frontline%20Fund%20-%20help%20Canadian%20healthcare%20workers%20today&async=1&fmt=3&is_vtc=1&random=841912323&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Jun 2021 17:14:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/722705341/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/722705341/?random=1622826876858&cv=9&fst=1622826000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg621&sendb=1&frm=0&url=https%3A%2F%2Fwww.frontlinefund.ca%2F&tiba=The%20Frontline%20Fund%20-%20help%20Canadian%20healthcare%20workers%20today&async=1&fmt=3&is_vtc=1&random=841912323&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Jun 2021 17:14:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CLHXlJy9_vACFQyVUQod-f0Ijg;src=5627812;type=front0;cat=thefr0;ord=5838343371395;gtm=2wg621;auiddc=2125467048.1622826877;~oref=https%3A%2F%2Fwww.frontlinefund.ca%2F
5627812.fls.doubleclick.net/ddm/fls/r/ Frame C71F
Redirect Chain
  • https://adservice.google.de/ddm/fls/i/dc_pre=CLHXlJy9_vACFQyVUQod-f0Ijg;src=5627812;type=front0;cat=thefr0;ord=5838343371395;gtm=2wg621;auiddc=2125467048.1622826877;~oref=https%3A%2F%2Fwww.frontlin...
  • https://5627812.fls.doubleclick.net/ddm/fls/r/dc_pre=CLHXlJy9_vACFQyVUQod-f0Ijg;src=5627812;type=front0;cat=thefr0;ord=5838343371395;gtm=2wg621;auiddc=2125467048.1622826877;~oref=https%3A%2F%2Fwww....
868 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5627812.fls.doubleclick.net/ddm/fls/r/dc_pre=CLHXlJy9_vACFQyVUQod-f0Ijg;src=5627812;type=front0;cat=thefr0;ord=5838343371395;gtm=2wg621;auiddc=2125467048.1622826877;~oref=https%3A%2F%2Fwww.frontlinefund.ca%2F
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CLHXlJy9_vACFQyVUQod-f0Ijg;src=5627812;type=front0;cat=thefr0;ord=5838343371395;gtm=2wg621;auiddc=2125467048.1622826877;~oref=https%3A%2F%2Fwww.frontlinefund.ca%2F
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
1d51e13b74d3601ebe578df002ba857f6b1e5f179b118f8b19ea14c79ef5470d
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5627812.fls.doubleclick.net
:scheme
https
:path
/ddm/fls/r/dc_pre=CLHXlJy9_vACFQyVUQod-f0Ijg;src=5627812;type=front0;cat=thefr0;ord=5838343371395;gtm=2wg621;auiddc=2125467048.1622826877;~oref=https%3A%2F%2Fwww.frontlinefund.ca%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adservice.google.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmeQskihCfP6Mb8VjsSixwFLrKetEnovXIQ3En40prIbaQvF8a2OeSeIyPR
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adservice.google.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 04 Jun 2021 17:14:37 GMT
expires
Fri, 04 Jun 2021 17:14:37 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
513
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 04 Jun 2021 17:14:37 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
location
https://5627812.fls.doubleclick.net/ddm/fls/r/dc_pre=CLHXlJy9_vACFQyVUQod-f0Ijg;src=5627812;type=front0;cat=thefr0;ord=5838343371395;gtm=2wg621;auiddc=2125467048.1622826877;~oref=https%3A%2F%2Fwww.frontlinefund.ca%2F
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame D6EA 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5d56cf74/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:37 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
x-content-type-options
nosniff
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Fri, 04 Jun 2021 17:14:37 GMT
generate_204
www.youtube.com/ Frame D6EA 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?DafDqA
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.youtube.com/embed/3YY_UaQ_z7c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:37 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=564578104264082&ev=Microdata&dl=https%3A%2F%2Fwww.frontlinefund.ca%2F&rl=&if=false&ts=1622826877640&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22The%20Frontline%20Fund%20-%20help%20Canadian%20healthcare%20workers%20today%22%2C%22meta%3Adescription%22%3A%22Canadian%20healthcare%20workers%20need%20your%20support%20to%20fight%20the%20COVID-19%20crisis.%20Help%20today%20by%20making%20an%20online%20donation.%22%2C%22meta%3Akeywords%22%3A%22COVID-19%2C%20coronavirus%2C%20healthcare%20workers%2C%20fundraising%2C%20campaign%2C%20frontline%20fund%2C%20front%20line%2C%20hospitals%2C%20Canada%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Ffrontlinefund.ca%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22I%27m%20sending%20my%20support%20to%20the%20frontline.%22%2C%22og%3Adescription%22%3A%22Canadian%20healthcare%20workers%20need%20your%20help%20to%20fight%20the%20COVID-19%20crisis.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Ffrontlinefund.ca%2Fimages%2Fsocial-english.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.40&r=stable&ec=1&o=30&fbp=fb.1.1622826877058.2068705838&it=1622826876736&coo=false&es=automatic&tm=3&exp=l1&rqm=GET
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.frontlinefund.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:37 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Fri, 04 Jun 2021 17:14:37 GMT
cdn3.fullform.css
www.canadahelps.org/secure/css/ Frame E53A 		458 KB
68 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.canadahelps.org/secure/css/cdn3.fullform.css?v=2021.I.0P
Requested by
Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dne/48326
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
76.74.206.165 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
nginx /
Resource Hash
4e8dd84d8aaee5dcf785718fc7a65a4ce4113892c42497866fa94028e7f65ba0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.canadahelps.org/en/dne/48326
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
content-encoding
gzip
last-modified
Mon, 31 May 2021 14:41:38 GMT
server
nginx
etag
W/"60b4f5a2-72950"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
strict-transport-security
max-age=15768000
expires
Sun, 04 Jul 2021 17:14:36 GMT
ie_banner.css
www.canadahelps.org/secure/css/ Frame E53A 		697 B
544 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.canadahelps.org/secure/css/ie_banner.css
Requested by
Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dne/48326
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
76.74.206.165 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
nginx /
Resource Hash
b1ef0bbc064a24f6354165dcdf255f087f293d660d68f8807444ce371c45c82f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.canadahelps.org/en/dne/48326
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 16:59:24 GMT
server
nginx
etag
W/"6047a96c-2b9"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
strict-transport-security
max-age=15768000
expires
Sun, 04 Jul 2021 17:14:36 GMT
css
fonts.googleapis.com/ Frame E53A 		2 KB
507 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,900
Requested by
Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dne/48326
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2bf12dd09417bd879194b11b5d2a4e81f78e12f3e0869f16e038003b4636a525
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.canadahelps.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 04 Jun 2021 15:14:56 GMT
server
ESF
date
Fri, 04 Jun 2021 17:14:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 04 Jun 2021 17:14:37 GMT
api.js
www.google.com/recaptcha/ Frame E53A 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?hl=en-CA&render=6Lfmt7UUAAAAAE8brUpxkO6l7fWdMn_Hz5JS9w2v
Requested by
Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dne/48326
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.canadahelps.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
detectAsContentWindow.min.js
www.canadahelps.org/services/wa/js/libs/iframeResizer/ Frame E53A 		119 B
376 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.canadahelps.org/services/wa/js/libs/iframeResizer/detectAsContentWindow.min.js
Requested by
Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dne/48326
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
76.74.206.165 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
a553d689606dcc9e2b6d4b444bd3b8f64aea4613bb9a195b6290d810f7a42058
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.canadahelps.org/en/dne/48326
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id
c71970f7-4938-4861-adc0-ef36498ecf6b
date
Fri, 04 Jun 2021 17:14:36 GMT
etag
"f4807dd3a6fbd51:0"
last-modified
Mon, 16 Mar 2020 15:23:20 GMT
server
nginx
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/javascript
content-security-policy
frame-ancestors 'self';
accept-ranges
bytes
content-length
119
iframeResizer.contentWindow.min.js
www.canadahelps.org/services/wa/js/libs/iframeResizer/ Frame E53A 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.canadahelps.org/services/wa/js/libs/iframeResizer/iframeResizer.contentWindow.min.js
Requested by
Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dne/48326
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
76.74.206.165 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
b3cab5661ef0bb4e761199d63b58b8f2588ce8187375981799a17b1ca024f60f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.canadahelps.org/en/dne/48326
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id
8f6b103c-2b26-4ed1-8ac4-5caac16fa9b3
date
Fri, 04 Jun 2021 17:14:36 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 16 Mar 2020 15:23:20 GMT
server
nginx
x-powered-by
ASP.NET
etag
W/"f4807dd3a6fbd51:0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
content-security-policy
frame-ancestors 'self';
document.currentScript.min.js
www.canadahelps.org/secure/js/ Frame E53A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.canadahelps.org/secure/js/document.currentScript.min.js
Requested by
Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dne/48326
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
76.74.206.165 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
nginx /
Resource Hash
df41a1ccb53c232aa2d90dca1a85c4651ead2d1e58caa19e8048aede69ebe01d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.canadahelps.org/en/dne/48326
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
content-encoding
gzip
last-modified
Mon, 31 May 2021 14:41:40 GMT
server
nginx
etag
W/"60b4f5a4-a96"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
strict-transport-security
max-age=15768000
expires
Sun, 04 Jul 2021 17:14:36 GMT
currentExecutingScript.min.js
www.canadahelps.org/secure/js/ Frame E53A 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.canadahelps.org/secure/js/currentExecutingScript.min.js
Requested by
Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dne/48326
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
76.74.206.165 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
nginx /
Resource Hash
2738f2db8d227a8e78ec699f490d7a0624fe2bcfc3260f9ff73a75cd5eba65ed
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.canadahelps.org/en/dne/48326
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
content-encoding
gzip
last-modified
Mon, 31 May 2021 14:41:40 GMT
server
nginx
etag
W/"60b4f5a4-1d7f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
strict-transport-security
max-age=15768000
expires
Sun, 04 Jul 2021 17:14:36 GMT
polyfill.min.js
cdn.polyfill.io/v2/ Frame E53A 		222 B
589 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?features=Intl.~locale.fr-CA,Intl.~locale.en-CA,Number.parseInt,Number.parseFloat
Requested by
Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dne/48326
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.canadahelps.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
293025
detected-user-agent
Chrome Mobile/89.0.4389
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length
126
referrer-policy
origin-when-cross-origin
last-modified
Tue, 01 Jun 2021 01:18:44 GMT
date
Fri, 04 Jun 2021 17:14:37 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/89.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
cdn3.fullform.js
www.canadahelps.org/secure/js/ Frame E53A 		2 MB
583 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.canadahelps.org/secure/js/cdn3.fullform.js?v=2021.I.0P
Requested by
Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dne/48326
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
76.74.206.165 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
nginx /
Resource Hash
4b0222bdab39ac468537590175e3f3679c16e78f73d2ffdce2e6b6901a2c1960
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.canadahelps.org/en/dne/48326
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
content-encoding
gzip
last-modified
Mon, 31 May 2021 14:41:38 GMT
server
nginx
etag
W/"60b4f5a2-2681a2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
strict-transport-security
max-age=15768000
expires
Sun, 04 Jul 2021 17:14:36 GMT
ie_banner.js
www.canadahelps.org/secure/js/ Frame E53A 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.canadahelps.org/secure/js/ie_banner.js
Requested by
Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dne/48326
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
76.74.206.165 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
nginx /
Resource Hash
e8022a7bc5ced09b9754c27e1b3680869fa31ca568b1b7c955639404a8bd1e38
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.canadahelps.org/en/dne/48326
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:36 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 16:59:24 GMT
server
nginx
etag
W/"6047a96c-3309"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
strict-transport-security
max-age=15768000
expires
Sun, 04 Jul 2021 17:14:36 GMT
conversion.js
www.googleadservices.com/pagead/ Frame C71F 		43 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: 5627812.fls.doubleclick.net
URL: https://5627812.fls.doubleclick.net/ddm/fls/r/dc_pre=CLHXlJy9_vACFQyVUQod-f0Ijg;src=5627812;type=front0;cat=thefr0;ord=5838343371395;gtm=2wg621;auiddc=2125467048.1622826877;~oref=https%3A%2F%2Fwww.frontlinefund.ca%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
578ab6c83b4bf4279219e3d4d81986c8d3d0ca0422149d462f317ce85fc8c9c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5627812.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16585
x-xss-protection
0
server
cafe
etag
18411464993204572073
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 04 Jun 2021 17:14:37 GMT
/
www.googleadservices.com/pagead/conversion/870836950/ Frame C71F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/870836950/?random=1622826877738&cv=9&fst=1622826877738&num=1&npa=1&label=fedBCJLcjM4BENbVn58D&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F5627812.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCLHXlJy9_vACFQyVUQod-f0Ijg%3Bsrc%3D5627812%3Btype%3Dfront0%3Bcat%3Dthefr0%3Bord%3D5838343371395%3Bgtm%3D2wg621%3Bauiddc%3D2125467048.1622826877%3B~oref%3Dhttps%253A%252F%252Fwww.frontlinefund.ca%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
338db84ff7c7103cd35fedac370f33e5f5f9eb6fcdd207e68b3c3cf3c83fb36b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5627812.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Jun 2021 17:14:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1241
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/870836950/ Frame C71F
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/870836950/?random=661086671&cv=9&fst=1622826877738&num=1&npa=1&label=fedBCJLcjM4BENbVn58D&guid=ON&resp=GooglemKTybQhCsO&eid=25050596...
  • https://www.google.com/pagead/1p-conversion/870836950/?random=661086671&cv=9&fst=1622826877738&num=1&npa=1&label=fedBCJLcjM4BENbVn58D&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&...
  • https://www.google.de/pagead/1p-conversion/870836950/?random=661086671&cv=9&fst=1622826877738&num=1&npa=1&label=fedBCJLcjM4BENbVn58D&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u...
42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/870836950/?random=661086671&cv=9&fst=1622826877738&num=1&npa=1&label=fedBCJLcjM4BENbVn58D&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F5627812.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCLHXlJy9_vACFQyVUQod-f0Ijg%3Bsrc%3D5627812%3Btype%3Dfront0%3Bcat%3Dthefr0%3Bord%3D5838343371395%3Bgtm%3D2wg621%3Bauiddc%3D2125467048.1622826877%3B~oref%3Dhttps%253A%252F%252Fwww.frontlinefund.ca%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=fV-6YOmhN6eWx_AP3MeO6AY&random=2069127646&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: 5627812.fls.doubleclick.net
URL: https://5627812.fls.doubleclick.net/ddm/fls/r/dc_pre=CLHXlJy9_vACFQyVUQod-f0Ijg;src=5627812;type=front0;cat=thefr0;ord=5838343371395;gtm=2wg621;auiddc=2125467048.1622826877;~oref=https%3A%2F%2Fwww.frontlinefund.ca%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5627812.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Jun 2021 17:14:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 04 Jun 2021 17:14:38 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/870836950/?random=661086671&cv=9&fst=1622826877738&num=1&npa=1&label=fedBCJLcjM4BENbVn58D&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F5627812.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCLHXlJy9_vACFQyVUQod-f0Ijg%3Bsrc%3D5627812%3Btype%3Dfront0%3Bcat%3Dthefr0%3Bord%3D5838343371395%3Bgtm%3D2wg621%3Bauiddc%3D2125467048.1622826877%3B~oref%3Dhttps%253A%252F%252Fwww.frontlinefund.ca%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=fV-6YOmhN6eWx_AP3MeO6AY&random=2069127646&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame E53A 		1 KB
395 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700
Requested by
Host: www.canadahelps.org
URL: https://www.canadahelps.org/secure/css/cdn3.fullform.css?v=2021.I.0P
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c97df91d4e861efbed2d98832352fe363fbfa7eaff08f431c0983b08c477e06e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.canadahelps.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 04 Jun 2021 15:34:14 GMT
server
ESF
date
Fri, 04 Jun 2021 17:14:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 04 Jun 2021 17:14:38 GMT
css
fonts.googleapis.com/ Frame E53A 		8 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700,400italic,700italic
Requested by
Host: www.canadahelps.org
URL: https://www.canadahelps.org/secure/css/cdn3.fullform.css?v=2021.I.0P
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
60854ae2f597fa735150c989f8389a0c369987435b2673cb2a3eaeeda5d0912c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.canadahelps.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 04 Jun 2021 16:32:59 GMT
server
ESF
date
Fri, 04 Jun 2021 17:14:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 04 Jun 2021 17:14:38 GMT
gtm.js
www.googletagmanager.com/ Frame E53A 		245 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NVV45D
Requested by
Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dne/48326
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2c5ec61391dabb57e9933cf111ac912c64d4cba64e6911bc24f04359d4a0699b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.canadahelps.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66749
x-xss-protection
0
last-modified
Fri, 04 Jun 2021 16:59:11 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 04 Jun 2021 17:14:38 GMT
gtm.js
www.googletagmanager.com/ Frame E53A 		504 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25
Requested by
Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dne/48326
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fbe2ea6d98cf83747ae4a5bfd0836fd1e74700b91a9c87339dbb060bbbcc33fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.canadahelps.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94805
x-xss-protection
0
last-modified
Fri, 04 Jun 2021 16:59:11 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 04 Jun 2021 17:14:38 GMT
analytics.js
www.google-analytics.com/ Frame E53A 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVV45D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.canadahelps.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
195
date
Fri, 04 Jun 2021 17:11:23 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Fri, 04 Jun 2021 19:11:23 GMT
bat.js
bat.bing.com/ Frame E53A 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVV45D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
73e2e5173ed0d5a77b02914fa0ef1f67bb53143da75f0348f558f95565220ca1

Request headers

Referer
https://www.canadahelps.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:37 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 20:25:24 GMT
x-msedge-ref
Ref A: 01302699CF254207ADEA7B8CEB9348CE Ref B: FRAEDGE1215 Ref C: 2021-06-04T17:14:38Z
etag
"0d2a696ff53d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
9011
insight.min.js
snap.licdn.com/li.lms-analytics/ Frame E53A 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b0::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer
https://www.canadahelps.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 04 Jun 2021 17:14:38 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jan 2021 22:14:03 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=60130
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1855
obtp.js
amplify.outbrain.com/cp/ Frame E53A 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e15eca5878352d8972f4e93b9aed80e34860514c23bfe9ee0a01767a291cf28a

Request headers

Referer
https://www.canadahelps.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 04 Jun 2021 17:14:38 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 Mar 2021 12:03:44 GMT
Server
AkamaiNetStorage
ETag
"c43e7f1b0459d05cce32768dd16af59b:1616414624.063318"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2864
Expires
Fri, 04 Jun 2021 17:34:38 GMT
fbevents.js
connect.facebook.net/en_US/ Frame E53A 		92 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3ba5369627fc324f2d2c47f44c8da30769d2a3ccbe8110b9bd5eec9585e42a09
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.canadahelps.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24155
x-fb-rlafr
0
pragma
public
x-fb-debug
suf0q7f15fc/jhzPJBk3bDHb5pKRBHs2FtOF9HZop0al3RStUGvjoDlE8vVanFeYzwL6fsse3fkHPJq2ugrkvg==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Fri, 04 Jun 2021 17:14:38 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
pptm.js
www.paypal.com/tagmanager/ Frame E53A 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=www.canadahelps.org&t=xo
Requested by
Host: www.canadahelps.org
URL: https://www.canadahelps.org/secure/js/cdn3.fullform.js?v=2021.I.0P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
32fa63f8008fbd2c88a3b98b877bf68fa5c97fbb6c3c61ff8f80ea7adc198f6b
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-DeyLFm37tBY2o9IOEgMaSwQgbH3DTTOLFp8nIXdtHRjEo8E4' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.canadahelps.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-DeyLFm37tBY2o9IOEgMaSwQgbH3DTTOLFp8nIXdtHRjEo8E4' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
age
1494
x-cache
HIT
paypal-debug-id
134cc6d90e9b9
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
4415
x-xss-protection
1; mode=block
x-served-by
cache-hhn4031-HHN
x-timer
S1622826879.071155,VS0,VE2
x-frame-options
SAMEORIGIN
date
Fri, 04 Jun 2021 17:14:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/x-javascript; charset=utf-8
via
1.1 varnish
cache-control
public, max-age=3600
etag
W/"3037-5hlwvQcglV93T/NU2YnRlpmKO7E"
accept-ranges
bytes
x-cache-hits
1
48326
www.canadahelps.org/services/wa/api/donatenowpage/en/ Frame E53A 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.canadahelps.org/services/wa/api/donatenowpage/en/48326
Requested by
Host: www.canadahelps.org
URL: https://www.canadahelps.org/secure/js/cdn3.fullform.js?v=2021.I.0P
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
76.74.206.165 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
9e478579c3cb6275289455a5c66f3027265825bddd2d77fb8b7b752c12dffb3c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

x-trace-id
00000000-0000-0000-0000-000000000000
Referer
https://www.canadahelps.org/en/dne/48326
aspnet-sessionid
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
aspxformsauth

Response headers

x-trace-id
f604ace6-2faf-431f-8071-1aef0a3a6905
pragma
no-cache
date
Fri, 04 Jun 2021 17:14:38 GMT
content-encoding
gzip
vary
Accept-Encoding
server
nginx
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache
content-security-policy
frame-ancestors 'self';
expires
-1
donorInfo
www.canadahelps.org/site/api/cdf/ Frame E53A 		0
157 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.canadahelps.org/site/api/cdf/donorInfo
Requested by
Host: www.canadahelps.org
URL: https://www.canadahelps.org/secure/js/cdn3.fullform.js?v=2021.I.0P
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
76.74.206.165 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000, max-age=15768000

Request headers

x-trace-id
00000000-0000-0000-0000-000000000000
Referer
https://www.canadahelps.org/en/dne/48326
aspnet-sessionid
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
aspxformsauth

Response headers

x-trace-id
e8ac0456-afbd-4efe-aa34-393c83bf3008
date
Fri, 04 Jun 2021 17:14:38 GMT
server
nginx
x-powered-by
ASP.NET
strict-transport-security
max-age=2592000, max-age=15768000
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ Frame E53A 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.canadahelps.org
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 06:30:43 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
age
297836
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
expires
Wed, 01 Jun 2022 06:30:43 GMT
scevent.min.js
sc-static.net/ Frame E53A 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.frontlinefund.ca
URL: https://www.frontlinefund.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-126.cdg52.r.cloudfront.net
Software
CloudFront /
Resource Hash
023e64b862c4d75dd3390eda64f830ce73e3d8c689d30fff89dec507ccabb780

Request headers

Referer
https://www.canadahelps.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:39 GMT
content-encoding
gzip
server
CloudFront
x-amz-cf-pop
CDG52-P1
x-cache
LambdaGeneratedResponse from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
5720
via
1.1 a6e02469f8cbbfee9635eadf6e97ee55.cloudfront.net (CloudFront)
x-amz-cf-id
zRM96OU8YduZtpidmJPuuFOtNQNOpMbgRLT4J8ZVFWL1Rr57fZYVJg==
js
www.google-analytics.com/gtm/ Frame E53A 		103 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-PVG6B3F&t=gtm4&cid=155731.1622826880
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ef9da833f6e6ca271eb49e1194462ace63e66febe5c6781580733cf90eb0a545
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.canadahelps.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:39 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38744
x-xss-protection
0
expires
Fri, 04 Jun 2021 17:14:39 GMT
collect
px4.ads.linkedin.com/ Frame E53A
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=68665&time=1622826879535&url=https%3A%2F%2Fwww.frontlinefund.ca%2F
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=68665&time=1622826879535&url=https%3A%2F%2Fwww.frontlinefund.ca%2F&e_ipv6=AQJVxApr1B_RXAAAAXnYBQqXv7Oiqn3deuwMNvyD1t7KkNj_Ul8s8JOdhpqqdTG2AFrzEAhM
0
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=68665&time=1622826879535&url=https%3A%2F%2Fwww.frontlinefund.ca%2F&e_ipv6=AQJVxApr1B_RXAAAAXnYBQqXv7Oiqn3deuwMNvyD1t7KkNj_Ul8s8JOdhpqqdTG2AFrzEAhM
Requested by
Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dne/48326
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-10-14.fwd.linkedin.com
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.canadahelps.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:40 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-edc2
content-type
application/javascript
content-length
0
x-li-uuid
RErIBnNwhRbgkkH8LisAAA==

Redirect headers

date
Fri, 04 Jun 2021 17:14:39 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=68665&time=1622826879535&url=https%3A%2F%2Fwww.frontlinefund.ca%2F&e_ipv6=AQJVxApr1B_RXAAAAXnYBQqXv7Oiqn3deuwMNvyD1t7KkNj_Ul8s8JOdhpqqdTG2AFrzEAhM
x-li-proto
http/2
x-li-pop
prod-esv5
content-length
0
x-li-uuid
aUCi63JwhRYAbU5Z8SoAAA==
17161329.js
bat.bing.com/p/action/ Frame E53A 		0
127 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/17161329.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.canadahelps.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 04 Jun 2021 17:14:38 GMT
cache-control
private,max-age=86400
x-msedge-ref
Ref A: D63BA1FD185D4A17B68F833504D57262 Ref B: FRAEDGE1215 Ref C: 2021-06-04T17:14:39Z
x-powered-by
ARR/3.0
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ Frame E53A 		0
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=17161329&tm=gtm001&Ver=2&mid=74c201db-e116-4215-8b95-cc6a172383c6&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Donate%20Now%20-&p=https%3A%2F%2Fwww.frontlinefund.ca%2F&r=&lt=1724&evt=pageLoad&ifm=1&msclkid=N&sv=1&rn=715479
Requested by
Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dne/48326
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.canadahelps.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 04 Jun 2021 17:14:38 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 3D68171DBDFB4C71ABA6FEE16065537A Ref B: FRAEDGE1215 Ref C: 2021-06-04T17:14:39Z
x-cache
CONFIG_NOCACHE
expires
Fri, 01 Jan 1990 00:00:00 GMT
154860178445426
connect.facebook.net/signals/config/ Frame E53A 		255 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/154860178445426?v=2.9.40&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
722127c81600701f21c1599e2742f6688ae3903283e1b1769215cb0e23313ad4
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.canadahelps.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
/BhQORdhDFLcWhYgLPNk2QDTWd36+hJS9ke+kEbSCmxdcecon5+QKKCSR48TkNvskhRM9usW1V+A9pAxbx3Dvw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 04 Jun 2021 17:14:40 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
log_event
www.youtube.com/youtubei/v1/ Frame D6EA 		28 B
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5d56cf74/www-embed-player.vflset/www-embed-player.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/3YY_UaQ_z7c
X-YouTube-Client-Version
1.20210602.1.1
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtFMzdCekxaWEtoQSj8vumFBg%3D%3D
X-YouTube-Ad-Signals
dt=1622826876840&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C767%2C431&vis=1&wgl=true&ca_type=image&bid=ANyPxKrBNNjJH8CHqkTBUdOYBH6HZb6Q115rLSLdmcYQlxXtoDmJQny_GcYBzDuFjtikhKPyZ6-viOrRHTNnprYqn_oWIHo_OA

Response headers

date
Fri, 04 Jun 2021 17:14:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Fri, 04 Jun 2021 17:14:39 GMT
cachedClickId
tr.outbrain.com/ Frame E53A 		35 B
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=002c037e327bdd81584c498f1d082735d2
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Referer
https://www.canadahelps.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 04 Jun 2021 17:14:40 GMT
content-encoding
gzip
X-TraceId
fa54945ab3a0c8f1ee917dababd00675
Content-Length
56
Content-Type
application/javascript
ts
t.paypal.com/ Frame E53A 		42 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Donate%20Now%20-&dh=1200&dw=1600&bh=0&bw=402&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1622826879733&g=-120&completeurl=https%3A%2F%2Fwww.canadahelps.org%2Fen%2Fdne%2F48326&ru=https%3A%2F%2Fwww.canadahelps.org%2Fen%2Fdn%2F48326&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Requested by
Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dne/48326
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
akka-http/10.1.11 /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://www.canadahelps.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Jun 2021 17:14:39 GMT
via
1.1 varnish
server
akka-http/10.1.11
x-timer
S1622826880.828434,VS0,VE158
x-cache
MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
http_x_pp_az_locator
slca.slc
expires
Fri, 04 Jun 2021 17:14:39 GMT
cache-control
no-cache, no-store, max-age=0, no-transform
x-cache-hits
0
accept-ranges
bytes
content-type
image/gif
content-length
42
x-served-by
cache-hhn4038-HHN
visa_logo.svg
www.canadahelps.org/secure/img/ Frame E53A 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.canadahelps.org/secure/img/visa_logo.svg
Requested by
Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dne/48326
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
76.74.206.165 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
nginx /
Resource Hash
4462ccd44a726d46b1939e898f3c80318fe4a88cae2eeb3e6f0a2630a894abb4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.canadahelps.org/en/dne/48326
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:39 GMT
content-encoding
gzip
last-modified
Mon, 31 May 2021 14:41:39 GMT
server
nginx
etag
W/"60b4f5a3-dc8"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
strict-transport-security
max-age=15768000
expires
Sun, 04 Jul 2021 17:14:39 GMT
visa_debit_logo.svg
www.canadahelps.org/secure/img/ Frame E53A 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.canadahelps.org/secure/img/visa_debit_logo.svg
Requested by
Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dne/48326
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
76.74.206.165 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
nginx /
Resource Hash
5182c626ff2afdb2385354f29c8424e4bda9b620586ff0eb2bad054c58eccef9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.canadahelps.org/en/dne/48326
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:39 GMT
content-encoding
gzip
last-modified
Mon, 31 May 2021 14:41:39 GMT
server
nginx
etag
W/"60b4f5a3-11b4"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
strict-transport-security
max-age=15768000
expires
Sun, 04 Jul 2021 17:14:39 GMT
mastercard_logo.svg
www.canadahelps.org/secure/img/ Frame E53A 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.canadahelps.org/secure/img/mastercard_logo.svg
Requested by
Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dne/48326
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
76.74.206.165 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
nginx /
Resource Hash
affeeba78630a9c18e637a26c35d920b604292712a6c73618f47cb3cf0596f33
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.canadahelps.org/en/dne/48326
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:39 GMT
content-encoding
gzip
last-modified
Mon, 31 May 2021 14:41:39 GMT
server
nginx
etag
W/"60b4f5a3-1794"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
strict-transport-security
max-age=15768000
expires
Sun, 04 Jul 2021 17:14:39 GMT
american_express_logo.svg
www.canadahelps.org/secure/img/ Frame E53A 		10 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.canadahelps.org/secure/img/american_express_logo.svg
Requested by
Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dne/48326
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
76.74.206.165 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
nginx /
Resource Hash
8552b9b22003e434f1530e05b80a6b9c994f5174010c229ca02ce2d93888e455
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.canadahelps.org/en/dne/48326
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:39 GMT
content-encoding
gzip
last-modified
Mon, 31 May 2021 14:41:39 GMT
server
nginx
etag
W/"60b4f5a3-2916"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
strict-transport-security
max-age=15768000
expires
Sun, 04 Jul 2021 17:14:39 GMT
truncated
/ Frame E53A 		179 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34c2659fd8cefa81566bb68fd35fb0e6a2e91d76d0bdc35dbe3ec9f7bd57c833

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
ionicons.ttf
www.canadahelps.org/secure/fonts/ Frame E53A 		184 KB
184 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.canadahelps.org/secure/fonts/ionicons.ttf?v=2.0.0
Requested by
Host: www.canadahelps.org
URL: https://www.canadahelps.org/secure/css/cdn3.fullform.css?v=2021.I.0P
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
76.74.206.165 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
nginx /
Resource Hash
2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Origin
https://www.canadahelps.org
Referer
https://www.canadahelps.org/secure/css/cdn3.fullform.css?v=2021.I.0P
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:39 GMT
last-modified
Mon, 31 May 2021 14:41:39 GMT
server
nginx
etag
"60b4f5a3-2e05c"
strict-transport-security
max-age=15768000
content-type
application/octet-stream
accept-ranges
bytes
content-length
188508
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ Frame E53A 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.canadahelps.org
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 00:35:13 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:30 GMT
server
sffe
age
232767
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22572
x-xss-protection
0
expires
Thu, 02 Jun 2022 00:35:13 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ Frame E53A 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.canadahelps.org
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 00:03:42 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:12 GMT
server
sffe
age
234658
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
expires
Thu, 02 Jun 2022 00:03:42 GMT
unifiedPixel
tr.outbrain.com/ Frame E53A 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/unifiedPixel?marketerId=002c037e327bdd81584c498f1d082735d2&obApiVersion=1.1&obtpVersion=1.4.1&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.canadahelps.org%2Fen%2Fdne%2F48326&optOut=false&bust=009952979851729271
Requested by
Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dne/48326
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer
https://www.canadahelps.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 04 Jun 2021 17:14:40 GMT
Cache-Control
no-cache
X-TraceId
2b378ef761b1986dd08f77d940300dea
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
i
tr.snapchat.com/cm/ Frame 7C22 		0
203 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=1da237a8-8122-4c02-9fcf-0aa6fde57222
Requested by
Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dne/48326
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
tr.snapchat.com
:scheme
https
:path
/cm/i?pid=1da237a8-8122-4c02-9fcf-0aa6fde57222
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.canadahelps.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.canadahelps.org/

Response headers

server
nginx/1.17.3
date
Fri, 04 Jun 2021 17:14:40 GMT
content-type
text/html
content-length
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
p
tr.snapchat.com/ Frame F419 		0
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dne/48326
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
POST
:authority
tr.snapchat.com
:scheme
https
:path
/p
content-length
257
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://www.canadahelps.org
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.canadahelps.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
Origin
https://www.canadahelps.org
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.canadahelps.org/

Response headers

server
nginx/1.17.3
date
Fri, 04 Jun 2021 17:14:40 GMT
content-type
text/html
content-length
0
access-control-allow-origin
*
cache-control
no-cache, no-transform
set-cookie
sc_at=v2|H4sIAAAAAAAAAAXBgQ0AIAgDsItIACfOcxT1Co63jcG7YFvezSFAHuH2KQtorStAyyoLd3qQWvoBZXewIDIAAAA=;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
www.facebook.com/tr/ Frame E53A 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=154860178445426&ev=PageView&dl=https%3A%2F%2Fwww.canadahelps.org%2Fen%2Fdne%2F48326&rl=https%3A%2F%2Fwww.frontlinefund.ca%2F&if=true&ts=1622826880579&sw=1600&sh=1200&v=2.9.40&r=stable&ec=0&o=30&it=1622826879637&coo=false&exp=l0&rqm=GET
Requested by
Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dne/48326
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.canadahelps.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:40 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 04 Jun 2021 17:14:40 GMT
i
tr.snapchat.com/cm/ Frame F13E 		0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=1da237a8-8122-4c02-9fcf-0aa6fde57222
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
tr.snapchat.com
:scheme
https
:path
/cm/i?pid=1da237a8-8122-4c02-9fcf-0aa6fde57222
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.frontlinefund.ca/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
sc_at=v2|H4sIAAAAAAAAAAXBgQ0AIAgDsItIACfOcxT1Co63jcG7YFvezSFAHuH2KQtorStAyyoLd3qQWvoBZXewIDIAAAA=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.frontlinefund.ca/

Response headers

server
nginx/1.17.3
date
Fri, 04 Jun 2021 17:14:40 GMT
content-type
text/html
content-length
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
p
tr.snapchat.com/ Frame 9D15 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
POST
:authority
tr.snapchat.com
:scheme
https
:path
/p
content-length
231
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://www.frontlinefund.ca
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.frontlinefund.ca/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
sc_at=v2|H4sIAAAAAAAAAAXBgQ0AIAgDsItIACfOcxT1Co63jcG7YFvezSFAHuH2KQtorStAyyoLd3qQWvoBZXewIDIAAAA=
Upgrade-Insecure-Requests
1
Origin
https://www.frontlinefund.ca
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.frontlinefund.ca/

Response headers

server
nginx/1.17.3
date
Fri, 04 Jun 2021 17:14:40 GMT
content-type
text/html
content-length
0
access-control-allow-origin
*
cache-control
no-cache, no-transform
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
www.facebook.com/tr/ Frame E53A 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=154860178445426&ev=Microdata&dl=https%3A%2F%2Fwww.canadahelps.org%2Fen%2Fdne%2F48326&rl=https%3A%2F%2Fwww.frontlinefund.ca%2F&if=true&ts=1622826882091&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Donate%20Now%20-%20The%20Frontline%20Fund%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.40&r=stable&ec=1&o=30&it=1622826879637&coo=false&es=automatic&tm=3&exp=l0&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.canadahelps.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 17:14:42 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Fri, 04 Jun 2021 17:14:42 GMT

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id function| fbq function| _fbq function| snaptr object| r object| gaplugins object| gaGlobal object| gaData function| lintrk boolean| _already_called_lintrk boolean| triedToSendCookieToNative object| WebJSBridge function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| iFrameResize function| $ function| jQuery function| Popper object| bootstrap function| onYouTubeIframeAPIReady

3 Cookies

Domain/Path Name / Value
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAAXBgQ0AIAgDsItIACfOcxT1Co63jcG7YFvezSFAHuH2KQtorStAyyoLd3qQWvoBZXewIDIAAAA=
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.frontlinefund.ca/ Name: _scid
Value: a80e8729-a462-4d5d-941a-f3fc501e1e5a

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5627812.fls.doubleclick.net
adservice.google.com
adservice.google.de
amplify.outbrain.com
bat.bing.com
c212.net
cdn.jsdelivr.net
cdn.polyfill.io
code.jquery.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
pixel.mathtag.com
px.ads.linkedin.com
px4.ads.linkedin.com
sc-static.net
snap.licdn.com
stackpath.bootstrapcdn.com
static.doubleclick.net
stats.g.doubleclick.net
t.paypal.com
tr.outbrain.com
tr.snapchat.com
www.canadahelps.org
www.facebook.com
www.frontlinefund.ca
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.paypal.com
www.youtube.com
yt3.ggpht.com
108.174.10.14
142.250.184.226
142.250.186.38
143.204.98.19
151.101.129.21
151.101.129.35
2.18.233.201
2.18.234.190
2001:4de0:ac18::1:a:2b
2606:4700::6812:bcf
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:803::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:827::2004
2a00:1450:4001:827::200e
2a00:1450:4001:828::2016
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2003
2a00:1450:400c:c04::9b
2a02:26f0:6c00:2b0::25ea
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:1b::485
2a04:4e42:3::621
35.186.226.184
52.222.149.126
52.233.26.83
64.202.112.127
76.74.206.165
023e64b862c4d75dd3390eda64f830ce73e3d8c689d30fff89dec507ccabb780
0dbf074e5a42c443d21109f700704f372b565321f4d7128c9d320f3b503d066a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1d51e13b74d3601ebe578df002ba857f6b1e5f179b118f8b19ea14c79ef5470d
1e47027ec3d0f9620de350dcf51611b55c4e259e816ae269060b5f4551094976
218c050ae1bcefb6b476029213fe1e9b29886d582b4d5eaec9d53452a1420ac5
24e98b3259203f1711616f6d4799154822d403ecd518d6dfcf16c219158272fb
2738f2db8d227a8e78ec699f490d7a0624fe2bcfc3260f9ff73a75cd5eba65ed
2954a8f6c2621ad59a3e6c8d1c323dd11dce9a251a1141af2b83a12c2ef93a5f
2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9
2bf12dd09417bd879194b11b5d2a4e81f78e12f3e0869f16e038003b4636a525
2c5ec61391dabb57e9933cf111ac912c64d4cba64e6911bc24f04359d4a0699b
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2f436874ed4fce63ea3643cce3ae94dac5471a32c5e536d458c5812ad4cfbfa0
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
32fa63f8008fbd2c88a3b98b877bf68fa5c97fbb6c3c61ff8f80ea7adc198f6b
338db84ff7c7103cd35fedac370f33e5f5f9eb6fcdd207e68b3c3cf3c83fb36b
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
33d15a5d6eefe7717fcb80376dc172e11c6814b2978fab9606d686941dd2e564
34c2659fd8cefa81566bb68fd35fb0e6a2e91d76d0bdc35dbe3ec9f7bd57c833
3ba5369627fc324f2d2c47f44c8da30769d2a3ccbe8110b9bd5eec9585e42a09
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e602a4de26c3837529b6897f9b749d60becd673f815b7ea1a798fc73fe342ce
41ee4c2d3d7b5721f1d58fa04863c4ee2d1bdf39d3d6cd50e8be33af0342fee9
4462ccd44a726d46b1939e898f3c80318fe4a88cae2eeb3e6f0a2630a894abb4
4b0222bdab39ac468537590175e3f3679c16e78f73d2ffdce2e6b6901a2c1960
4e8dd84d8aaee5dcf785718fc7a65a4ce4113892c42497866fa94028e7f65ba0
5182c626ff2afdb2385354f29c8424e4bda9b620586ff0eb2bad054c58eccef9
56f9ac4f358655fb48ec0ce36f7ddd8bbb965c461412929b4c5d10901ab6810c
578ab6c83b4bf4279219e3d4d81986c8d3d0ca0422149d462f317ce85fc8c9c1
59e85a2b721d58db3ba34854e0eb3ed40148ff4c1ea898630211d39dd80871ad
5a502280deb08defb508338bbd492164daa44279d91b3429516c6c4b057cc9ef
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
60854ae2f597fa735150c989f8389a0c369987435b2673cb2a3eaeeda5d0912c
612ab44dc4c3112888ac8765b621b398f88f949c498b275bf120148a501dd2a7
6393a3eab589e876b83ec0ac910dbdb104f9bba599b79c6b860f910f9944a9ce
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6c3a624f8bc598979d11c8fb35c2304a64bcb0ec9a2e97d139ef9ddf47a93f24
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6ff2aab34866c0add99f806f36b62b7c6c4b1d8c6bb3f6fa12deeb2f0023eeb4
704955d709b626ec51e576b1053dae12fffeecafc212a2c6516c92d77c739fdb
7137a345b6bb4db468ab45955366815ef392979ebf31018f236019757e306f74
722127c81600701f21c1599e2742f6688ae3903283e1b1769215cb0e23313ad4
73025991d085d103280035e8fc2af958474075b4bebbc0d20d419f68dab51347
73e2e5173ed0d5a77b02914fa0ef1f67bb53143da75f0348f558f95565220ca1
750626c18b86da5cf506a629d78656e2b3ac599f9742393e3ac562aabbb92303
78ea6f9a8b7128107ecc851f59d5d396223839b9a52487e311587b3367a9f13f
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
7f5b55275553cf48bf1ea7cceabb81458b3bda0ea31964457fa6954ba768e808
7f6779cb948f3faa7f299b0e8ed3a5c0d5d810e516ca7da2762625ee99505c96
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
854b6102c350816c67d38259f9c32016f00f9ecc4276f7d0d1b2d0279a381391
8552b9b22003e434f1530e05b80a6b9c994f5174010c229ca02ce2d93888e455
8abbe19db4dbc083cd5d06feb72f90559fedd569444e1ad0345a6770cf58fbe2
8b6c125260cbe9b425aff8c032e725e63a1358dbd1ec17fa885599cb46306c65
8ca22f30bb503ec78da7b9ef0b8d711e8bef4f644af3122df28670d57b1a9b8b
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8eff2b654a02ba2efd6d909282fadb10634d6edb187a9d7818a55b000895bd37
93a9fe57526f6231ff60d3671166d778980797be55cb7c9727516b927d82b335
9e478579c3cb6275289455a5c66f3027265825bddd2d77fb8b7b752c12dffb3c
a08acac60de13bce023074ac58d4fa94f0cc3f4ad2ef72cd29913709ef60ab70
a553d689606dcc9e2b6d4b444bd3b8f64aea4613bb9a195b6290d810f7a42058
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f
aa0e735f9e536274c74712e293599e1081bd3968521ab0c67c00f7e7d145bbf6
ab0b6c92a1400e55ec1ff1e6d6dbe189db353c1ed363033709b59c78524b8caa
ad5e91dad77d4d4200dbcebdd9203a2f5075380000c15a33d11852704fe226c9
ae521d3f07a9eaad3ee67dcaded7a2256d8fd917aac0e2597c11e0fe2f8a26cf
affeeba78630a9c18e637a26c35d920b604292712a6c73618f47cb3cf0596f33
b004103ab9cc1116ccc6891509b74e8399dcfa32db5487ffbdc7955722b158f0
b1ef0bbc064a24f6354165dcdf255f087f293d660d68f8807444ce371c45c82f
b3cab5661ef0bb4e761199d63b58b8f2588ce8187375981799a17b1ca024f60f
b6c02d89ac8e14db6a1b44902b11505101d941da225147f040d2f4137d8ce383
b8523446732aebbe25cb0557b32a635459a6170f00836e53a4260930d98c23c6
bb22dbf62bb04df39f13e65f7b2ecb8246c6836bf60e88583ca905d8b5ef3901
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c46677833614dc8c76eb0ce4bc5b7b05b814d6be4c3395a10be1d9d09fa14d46
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
c97df91d4e861efbed2d98832352fe363fbfa7eaff08f431c0983b08c477e06e
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
ccc9a4a97a2a6203e474b0333c1cedcdeab7c8f853e2298c6fa2e73921f39e24
d147b7ac38e532c32f3d0386a4e0027e602decd1351d6e2bb2af36432107617b
d6133f885bd79b414f76346c0b8c32842d06400095c1c8a3d7e36acd2cfabee4
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
df41a1ccb53c232aa2d90dca1a85c4651ead2d1e58caa19e8048aede69ebe01d
e15eca5878352d8972f4e93b9aed80e34860514c23bfe9ee0a01767a291cf28a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54b51cd550f1170c0c2e1b6fb69f3c9a52481caca083a0513482c9c4d3761c6
e8022a7bc5ced09b9754c27e1b3680869fa31ca568b1b7c955639404a8bd1e38
e8703973d6dcebd71cb03d72f7e6145061aaaf6feefde1b91c867be16a507ba9
e8e06c0ef58cf21fc5a2b2268a78ef904bad93b5170dd8c0757a649408ef1f6d
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9da833f6e6ca271eb49e1194462ace63e66febe5c6781580733cf90eb0a545
efd66c35a3c10b6dab126fd7923c25c7cd5eda40903f7d70efd879cbebbcb182
f656f99a84999415a417899779b5d671fb908124d7eabe8a3fc80c7e86182ae7
f7326697e340432e2276ba1403c2893c7abd9b1d34bd0028a94d2897f8dd0465
fb179525d5a7e7ca8d71f352ce3082386a9d89ce33a15d0400924b4ad950131c
fbe2ea6d98cf83747ae4a5bfd0836fd1e74700b91a9c87339dbb060bbbcc33fe
fe1545c3865cc4f2237f21331494c7f2bc60a8ceaf161d72c5ba489b8345b342